I am a senior research fellow at the Mercatus Center at George Mason University where I work with the Technology Policy Program. I cover technology, media, Internet, and free speech policy issues with a particular focus in online child safety and digital privacy policy issues.
I have spent two decades in the public policy research community. I previously served as the President of The Progress & Freedom Foundation, the Director of Telecommunications Studies at the Cato Institute, a Senior Fellow at The Heritage Foundation as a Fellow in Economic Policy, and a researcher at the Adam Smith Institute in London.
I am the author or editor of seven books on diverse topics such as media regulation and child safety issues, mass media regulation, Internet governance and jurisdiction, intellectual property, regulation of network industries, and the role of federalism within high-technology markets. I earned a B.A. in journalism and political science at Indiana University, and received a M.A. in international business management and trade theory at the University of Maryland.
I also blog regularly at the Technology Liberation Front (http://techliberation.com) and can be found on Twitter at: @AdamThierer

Erasing Our Past On The Internet

Imagine a big “ERASE” button that sat on your desk and allowed you to wipe out an embarrassing moment from the past — a kind of metaphysical version of the Staples “Easy button.” It would be tempting to hit that button on occasion, but such a device exists only in the realm of fantasy.

Some privacy advocates now want to mandate such a button for the Internet. It is unlikely that such a mechanism could be implemented, and even if it could, it would have troubling ramifications for freedom of speech, digital commerce, and Internet governance more generally.

Last December, Common Sense Media, an influential media watchdog and online safety organization, proposed letting kids or their parents delete information that children or teens had put online but later regretted. “Web companies should develop tools that make it easier for young people — or their parents — to completely opt out and delete this information,” the organization argued. They called it the Internet “Eraser Button.”

A similar idea is currently being considered across the Atlantic. The European Union, which has far more sweeping privacy controls than the U.S., is now considering a so-called “right to be forgotten” online. The E.U. defines it as “the right of individuals to have their data… deleted when they are no longer needed for legitimate purposes.”

While U.S. policymakers have yet to embrace so far-reaching a concept, a bill introduced this week by Senators John Kerry and John McCain mandates “data minimization” by website operators, which could provide an opening for broader regulation. Some congressional Democrats are rumored to be interested in the Eraser Button concept.

While some will sympathize with efforts to reengineer the Net to forget our pasts, there are several problems with a mandatory online “right to be forgotten” or “Eraser Button.”

First, and most obviously, such notions conflict violently with speech rights and press freedoms. Enshrining into law such expansive privacy norms places stricter limits on others’ rights to speak freely, or to collect and analyze information about others.

The ramifications for journalism are particularly troubling. Good reporting often requires being “nosy” while gathering facts. Could a public figure claim “a right to be forgotten” when a journalist pens an article about them beating their wife or committing corporate fraud?

Germany already has a law like this for convicted criminals, who can have old facts about their crimes repressed after they have served their sentences. Such a “right” to repress facts is obviously at odds with the First Amendment here in the U.S., but even a milder version of a right to be forgotten will run up against speech rights. Security issues are another concern. Is there an iron-clad way for sites to verify someone’s identity before processing a deletion request?

Such a system could also open dangerous backdoor vulnerabilities to hackers or others with malicious intentions. More routinely, a parent or ex-spouse who was angry after a bitter fight might possess the requisite information needed to process a deletion request. Similarly, teens often share a great deal of personal information with friends, which could lead to a disastrous scenario if they request deletion of information that is not theirs. What about shared content? For example, many photographs, blog posts, or social networking entries include multiple people and are copied and reposted on multiple sites (and often archived). Facebook says users submit around 650,000 comments on the 100 million pieces of content served up every minute on its site. If one person decides to hit the Erase Button, must everyone else’s content be deleted?

At a minimum, the “right” will lead to a flood of requests — both genuine and bogus — from aggrieved parties and ne’er-do-wells alike inundating every website where people can share information. Every blogger could conceivably be asked at any time to delete any comment on any post ever written. Who makes these calls?

There are other thorny enforcement issues to take into account. Who actually owns the data collected by online sites and services? Personal information uploaded by individuals may be used by a website or data collection service to run website analytics, serve up advertising to support “free” online content, or just improve the user experience. Untangling all that can be complicated, especially in light of the sheer volume of information uploaded every day. “The truth about data is that once it is out there, it’s hard to control,” says IBM engineer Jeff Jonas.

What we are talking about here is the destruction of history, otherwise known as censorship. Few would have suggested that burning books was a smart way to protect privacy in the past. Is burning binary bits of information any wiser?

Instead of using censorship as a privacy policy, we should instead encourage better social norms, especially among youth. Teaching our kids smarter online hygiene and “Netiquette” is vital. “Think before you click” should be lesson #1.

Online operators should also be careful about what (or how much) information they collect — especially if they primarily serve young audiences. The Children’s Online Privacy Protection Act of 1998 already limits the collection of information from children under age 13. Infantilizing the rest of us is hardly a solution.

Many excellent online safety and privacy-enhancing tools also exist that parents and teens can tap to better safeguard their online privacy. In extreme cases, online reputation management companies can be used to better manage online privacy.

But half-baked ideas like an Internet Eraser Button or “right to be forgotten” would require a massive expansion in Internet regulation and threaten free speech rights in the process. We should just forget about it.

Post Your Comment

Post Your Reply

Forbes writers have the ability to call out member comments they find particularly interesting. Called-out comments are highlighted across the Forbes network. You'll be notified if your comment is called out.